Cell Phone Kill Switch - The Ultimate Double-Edged Sword

Cell phones have changed the way Americans live. According to a study conducted by the Pew research center, 90 percent of all adults in the United States own one. Even more impressive than that, 98 percent of people between the ages of 18 and 29 own personal cell phones. To say that everyone owns a phone is not a far-fetched statement any more. Not only are cell phones used to communicate via calling, but they are also used for everything from Flappy Bird and Facebook to banking and stocks. Despite this, they still cost a pretty penny, consequently making them valuable targets for theft. They can be back on the market with all of the data wiped within hours. Some companies have tried to help victims in finding their phone by providing tracking software, but it is usually not automatically enabled. Google has a service like this that ties in with Android phones called Android Device Manager. You can track any Android device that you have signed in on from any web browser. You can even remotely wipe, turn off, and ring the phone…if it is powered on. Most thieves have now caught on and immediately remove the battery after taking it, rendering these services ineffective.

In an effort to combat this, New York congressman Jose Serrano has proposed a new federal bill: adding a remote “kill switch” to all new phones. This function will allow users to remotely destroy all of their data and render the phone inoperable if it is stolen. Their hope is to deter cell phone robberies from happening in the first place. Worryingly, it does not say exactly how it renders the phone inoperable. If it aims to really render the phone inoperable, it would have to change core aspects of the protected areas of the phone. Known to the developer community as “bricking” the phone (as in rendering it to a $500 paperweight), it immediately voids the warranty and is hard to do when working with the phone directly, much less remotely.

Would this idea even work? Currently, when a phone is stolen, users lose data and in most cases have to buy a replacement phone. What would the difference be if a kill switch was implemented? The users would still lose their data and they would still have to obtain a replacement. Unfortunately, in the case where they did find their phone, it would be useless anyways. Rather than address this issue, legislators focus on advertising this as a deterrent. Without knowing exactly what this kill switch does, it is safe to assume that there would still be ways around it. They also never state whether it is reversible or not. One would think that if a thief noticed that the phone was inoperable, they would to ditch it to get rid of stolen property. If the phone is permanently useless, then there would also be almost no chance of recovering it either. All of these problems deal exclusively with user-triggered kills, but what if it wasn’t them who pushed the button? Even service providers are fully aware of this and don’t support completely ruining the phone.

However, If manufacturers were required to offer a service like this, what kind of security would they use? If it were something as simple as a web sign on, it would be extremely vulnerable to hackers and phishers (people who create fake sign ons that look authentic to capture your user name and password.) This would be especially dangerous if the phones are permanently unusable after the switch is flipped. Also, what would the legal consequences of this be? Theoretically, they could be used as a tactic when chasing suspects. By making their phone inoperable, they effectively cut any communication with others that the suspect might have. On the other hand, anybody’s phone could be remotely shut down if authorities have a warrant or probable cause. This is all theoretical, but if this system was in place, it would be easy to do.

In the end, the only truly effective part of a kill switch would be a slight deterrent towards thieves, but the consequences of implementation could be disastrous, especially if it were irreversible.